Archive for June 6th, 2013

Openvpn >= 2.1, Windows and *nix clients, topology subnet, client-to-client

Thursday, June 6th, 2013

If you have both Windows and *nix clients in your OpenVPN implementation and need them to be able to communicate with each other (‘client-to’client’ option in the server configuration file), you may face the problem on Windows, while using the stable version of OpenVPN GUI. It’s based on 2.0 OpenVPN, which doesn’t have the ability to handle client connection with /24 subnet mask, and we strongly need it.
In such a case use the development version of OpenVPN GUI. For this moment (June 6, 2013) it is OpenVPN 2.1_beta7 & OpenVPN GUI 1.0.3. The trick is that OpenVPN supports ‘topology xxx’ directive starting from the 2.1 version, and the development package (as for today) for Windows is based on it.
Your Windows client’s configuration file should be similar to this:

client
dev tun
proto udp
remote IP.ADD.RE.SS 1194
topology subnet
nobind
persist-key
persist-tun
;
ca "c:\\program files\\openvpn\\ca.crt"
cert "c:\\program files\\openvpn\\client5.crt"
key "c:\\program files\\openvpn\\client5.key"
;
comp-lzo
verb 3

UPDATE: as for now (January 30, 2018) Windows version is available from other location: https://openvpn.net/index.php/open-source/downloads.html
Howto: https://community.openvpn.net/openvpn/wiki/Easy_Windows_Guide